Cisco Switching/Routing :: 891 Deciding On Network Topology Of Router And FW
Jun 5, 2013
We currently support a third party VOIP software. Recently we have had issues with our T38 faxing to our SIP Trunk provider because our FW (sonicwall) doesn't support Nating the connection address within the SDP packet of the T.38 reinvite. This has caused us to look at alternate solutions. I have been in discussion with CISCO sales engineers and can't get a straight answer on which one of their products support this(RFC 3362, T.38 protocol used by our VOIP server)We were looking at replacing our sonicwall with an ASA but it seems it doesn't support RFC 3362 either . However, the sales engineer thinks that their regular routers will. So If I purchase a cisco router, i.e 8xx or 2621XM the question is where do I put it in my current topograpy. Currently we our at a Datacenter and our drop into our cabinet comes right into the Sonicwall and we have all NAT handled there, routing to different LAN ports on the Sonicwall. On LAN side all we have are standard switches supporting all of our Servers.
If I buy a Cisco router to handle my NAT issue for faxing.Do I put it on the WAN or LAN side of my FW?Do I setup the router to handle all of my NATing or just the NATing of my VOIP server that is having issues with the T.38? Would I need a Sonicwall FW if I purchased a CISCO 891?
I am a beginner, and my customer complaining about the internet connection performance which is very slow, the network description is given below:
Description: The building has four floors and each floor has one mount rack which contains one 26 port switch + 16 port switch. and each floor has 32 pc as well. - 4, Cisco SR2024 un managed switches. - 4, Cisco SR2016 un managed switches. - 1, Cisco access point for internet connection. - 1, Active directory server. - 1, Mail Server. - Internet ADSL connection, 1 MB speed.
This is the current topology.
*Note:The links and cable type "100BASE-TX under Cat 5" among all switches. *Note:Whenever I connect to the main router "Access point" the internet becomes very fast.
since a couple of days I've a strange behavior in my Spanning-Tree Topology.Every time I plug in a new Switch ( e.g. WS-2960S ) a topology change on my root bridge occurs and all client losing connection to the default gateway.The root bridge is also the default gateway.
Nov 28 11:14:12.865: STP: VLAN0001 Topology Change rcvd on Gi4/48 VLAN0001 is executing the ieee compatible Spanning Tree protocol Bridge Identifier has priority 0, sysid 1, address 0019.aa37.e040 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree
our pair of Nexus 7000 are configured with RSTP.On the Edge-Switches we have seen an STP topology change in all connected vlans.On N7k the topology has also changed what we`ve only seen in the output of the stp details [code]
I like to configure a logging for topology changes, but i havn't found a command.
Is there an opportunity to get this logging-messages on n7k?
current topology is build from 4 6500 switches connected in a ring topology. Using Port channel (2x 10Gbit) links to connect left side top and bottom 6500's (DC1), 10 G bit link to connect right side 6500's (DC2) In between a 1 G bit link is used to connect top 6500's (DC1-DC2) and the same for bottom 6500's (DC1-DC2).
Path costs are 5 and 6 so the T5/4 from bottom right is blocking. Bandwidth demands are increasing, so thinking about adding extra 1 G bit links to the existing ones and create ether channels. Path costs here are 4 and 5, so T5/4 from bottom right is still blocking, but when the bottom 2 G bit port-channel is loosing one 1 G bit link the path costs of both directions become equal. So I am worried that STP will not re converge and leave me with a congested 1 G bit link. I cannot test this setup in a lab, are there any options for STP to re-converge here?
i have made a topology in packet tracer related to etherchannel configuration.i am using 2 3560 switches and 1 2950 switch. Now what i want is to bundle up the redundant links between these 3 switches. The links fa0/1-3 between 2950_1 and 3560_1 switches have been bundled up but when i try to bundle the links fa0/4-6 of 3560_1 to fa0/4-6 of 3560_2 it wont work. i am using channel-group 1 mode desirable between the 3560 switches. secondly if i want to assign ip to port channels then it has to be of same subnet between 2 3560 switches right and it must be same between 2950_1 and 3560_1. But these 2 subnets should be different from one another.
Once again I'm stuck to tethering on my phone due to my router deciding to call it quits for the random moment. I cannot access its control panel, the network just goes kaput. Given that I don't have access to the router since it's part of a double house (the side I'm not on of course), this is getting beyond irritating to reboot it when this happens as that is the only way to fix it. The connections are even wired, too. What kind of money does it take to get a router that is going to STAY on and just work? I'm ready to dump some serious cash into this at this point because this happens at least twice a week anymore. I just want a router that works. It needs to be wireless as my neighbor does use his kindle on it every once and a while.
We are in the process of upgrading the bandwidth at a few offices. Each currently have a 2xT-1 connection but have high utilization on the circuit which is why they are being upgraded. We are trying to decide b/t either a partial DS3 or metro ethernet connection. Are there pros/cons b/t the two in order to decide which to go with? Cost is not an issue. Some say going with a partial DS3 circuit offers benefits over metro ethernet such as network-based failover, end-to-end availability is better with DS-3 and QoS.
After some time LMS stops to refresh network topology (not changing colors for devices which lost/found). However, if I restart topology services devices are refreshed.
Checked the processes. Everything is fine but there is a process named "1018". But I did not found any job with this number.
I recently upgraded my home network to include a new DOCIS 3 cable modem (SB 6121), RV 180 router, and a wireless access point. I have about 7 computers/devices on the network. A computer connected directly to the new modem was pulling down 30MB/sec (various speed tests), but when RV 180 was inserted between modem and network, downloads dropped to 10MB/sec. I worked with tech support (very kind), baselined the router, without improvement, and support conclusion was "hardware issue, need to RMA router".The one thing we failed to configure on the router was the Domain Name (Networking/LAN/IPv4 (local network)/DHCP/Domain Name:). Once I entered the domain name that actually matched the Workgroup / Domain name of the computers on the network, downloads and speed tests jumped to 30MB/sec consistently, and web browsing performance significantly improved.
I'm not very experienced in ASA failover designs, have over the years worked with 5505 & 5510's. With two 5520 on my hands right now I need to decide on the best failover design to meet the goal. The ASA group needs to provide VPN (site-site and support Cisco old fashioned VPN clients) and also serve as an internet facing firewall. Not many interfaces will be created. Would active/active failover be a possible configuration considering the VPN setup? Can active/active be used to let one 5520 performance deal with VPN and the other handle the firewall (until failover occurs where one would handle both jobs)?
i create a network topology ( i attached picture) and i don't know what exactly IP addresses should be assigned to routers and switches + there should be five VLAN's created and just one vlan (vlan 2) must see others vlans (for management purposes) and others vlans should not see each other. So i need that: 1) What IP addresses should be on routers and switches 2) How to create a 5 vlans, that they should not see each other, but one should see all, for example where i have to put "tagged" ports where "untagged" or "not member" ports etc.
i create a network topology ( i attached picture) and i don't know what exactly IP addresses should be assigned to routers and switches + there should be five VLAN's created and just one vlan (vlan 2) must see others vlans (for management purposes) and others vlans should not see each other. So i need that: 1) What IP addresses should be on routers and switches 2) How to create a 5 vlans, that they should not see each other, but one should see all, for example where i have to put "tagged" ports where "untagged" or "not member" ports etc.
how can i connect two offices in the same town.these two offices are separated by two kilometres.each office has ten rooms.how can i provide a secure intranet between the two offices ,what media can be used and hardware to provide a secure intranet via the two offices.
As we know when multiple PCs share same link"line" they will need multiple access protocol like CSMA/CD to protected from collision,,share link like "bus topology" need multiple access protocol "CSMA/CD" but in star topology"switch not hub" PC0 connect to port0 ,,PC1 connect to port1 PCn connect to portn then every PC connect to separate port ,, and the switch mange the network"by using MAC" then why we need to used CSMA/CD in star topology"switch"???
I have a problem where clients cannot roam between Cisco 1231g-e-k9 and recently installed cisco 1242g-e-k9 access points.. On looking at the CDP option on the 1231 and 1242 access points they are all aware of each other. However if I use the Network View option I see a different picture. All the 1231 access points can see each other but not see the 1242's. Network View on the1242 shows all the 1231's but none of the 1242's. The 1231 are running ver. 12.3(8)JEB and the 1242's are running ver. 12.4(21a)JA1.
I need to connect 4-6 laptops in a mesh network topology. What equipment do I need (switches, hubs cable etc..) and how should I create the connection?
I am trying to connect my Cisco 2911 router to my community in CNA. I can see the routers on the topology map, but when I try to add to community I get an error message stating that the router is unreachable (Unable to connect). I can ping device from ame client. I can view Device Properties for map (Device type: CISCO2911/K9). Telenet attempt to connect but we only use SSH for connectivity (the same as all of my switches that are connected to community). 2911 is listed as a supported router on Cisco site.
I came accross a Cisco 1801 router. As I understand it supposed to work with a dsl connection for internet access and configuration. I have cable internet access at home and since cisco routers are very versatile, I want to know if I can integrate this router into my home network, as a secondary router, and use it for its SSL vpn capabilities?
we are using 7609 router. it forwarding traffic to wards my firewall which was not allowd in my router. when ever im checking for routes in router using show ip route x.x.x.x its showing SUBNET IS NOT IN TABLE, but in workmy firewall dropped connection i can able to see that networks.
I am working at a client site today on a routing issue. I am currently working on an issue where a 3750 switch running EIGRP will not update its neighbor router when a network statement is added to the eigrp instance.The neighbor is a 3825 router.
Both the switch and the router have a common network which is 192.168.36.0/24. Both the switch and the router are in a neighbor adjacency. Both boxes have "no auto-summ" in the routing configuration instance.
I can run debugs on both routers (debug eigrp packets) and then I can watch queries and updates when I issue "auto-summ" or "no auto-summ". Also I see a "graceful restart" for the peers when this is done.I had an expectation that when I added the network (this is just an arbitrary network for testing, which is 172.16.69.0/24). I wanted to watch this network being sent in an update to the neighbor router.When I add the above mentioned network, there are no updates packets sent from the 3750 to the 3845. I have not had success to this point trying to resolve. I have followed the Cisco document "Troubleshooting EIGRP Flow Chart", but have exhausted all it has to offer and now it is at the point where it is telling me to contact TAC.
I have to configure router 2811 for Data and Voice network.However I have only one Fast Ethernet interface. [code]
what else do I need to configure on switchport on which Avaya phones are connected.And is there any extra command, i need to configure on the router and 2950 switch.
I just picked up a 24 port Catalyst 2950 to expand my home network and learn a bit more about networking. Having just upgraded the IOS software 'm now trying to get this to work as required on my network but I'm having a few issues.
My intentions are to plug my cable router/modem wan connection which is set up as the dhcp server to fa 0/1, then use fa 0/2 - 24 for the rest of my wired network. So essentially all on the same subnet interfacing with the router 192.168.0.1.
So far I have set up all of the security on the switch, and have all switch ports assigned to vlan1 with no IPs. My laptop connected to fa0/2 however is not assigned an ip address. Looking at a few posts I ahve rightly or wrongly played about with dhcp snooping.
Config Current configuration : 2205 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime service (code)
I wounder if there is any way to ping the local deviceses connected to a network hosted by a Cisco 1921 router? I wan't to be able to ping the device(computer name) but currently cant do that.
we've had an issue with our network, we have 2 6509 connected with redundancy, which are connected with 2 x 4900 Switches, from which are connected to a ESX Chassis for visualization, the thing is that the ESX stopped working, and the 4900 switches, and the main core were suffering from overload, they hang on it very well, in order to stop the overload, one of the links to the ESX Chassis were disconnected from one of the 4900 switches. The CPU usage from the 4900 and the core(6509) went down below 40%, and then they started to migrate the virtual servers from the chassis to another 2 chassis that were added right after. They were actually working well, but suddenly the 6509 changed to the other supervisor after everything was OK. We were wondering what could have been the cause of this, maybe the virtual servers migrations, maybe the overload from the ESX ? We also had a few question, is there any need to reload the cores every few months as a planned task ? Because the cores have been up for more than 1 year. And also is there any kind of of tool to monitor the CPU status, or the status overall from the cores or the switches ?
I am implementing a guest wireless network to work alongside my internal network. The guest network will use the existing switching network and will be separated by VLANs. I have the ASA set so that traffic can get to it and out to the Internet. I can set up a workstation on the same VLAN as my guest network and can route inside my network (strictly doing this for testing purposes). Where I am having problems is with the Catalyst 4506 switches and the ip routing. I had two separate "ip route" statements defined on my switches.
ip route 10.200.2.0 255.255.255.0 10.200.2.254 ip route 0.0.0.0 0.0.0.0 10.100.100.254
I have discovered that the traffic is always following the default route despite the fact that my IP address on my test workstation falls in the 10.200.2.x network. I was looking at documentation and found that it is possible to set up policy-based routing on the core switches. Can you have two "ip route" statements defined like this to segreate traffic or do I have to use PBR for routing (or a combination) in this case? If I define PBR then how does that impact my existing routing? I need to make sure that I can still route the existing traffic while I'm configuring this change.
I am trying to get my workstation to talk to a workstation on a different sub-net through a Cisco 3560 switch. The switch is running the following IOS version: [code]
My primary network is 172.16.0.0 and I am trying to connect to a device on a 192.168.111.0 sub-net. [code]
What would be the best way to get the two workstations talking via the switch?
i have an issue with the lms 4.2 Topology Data Collection. After installation the Topology Data Collection was running normaly, but since first server reload the Topo Data Collect under Inventory > Dashboards > Device Status > Collection Summary is "frozen".Is there any option to stop this process elsewhere? I cannot find anything under jobs in running state or so. Clicking on Schedule only give me the option to start data collection, but lms always returns that the process is running.
1)i have problem in LMS 4.2 , he shows most devices not connected to topology sitting lonly even though the have cdp enable , how to force these to join the topology
2)why some devices are shown unreachable , even though i can ping them from lms server and gets reply, also they have community and cdp configured
On a LMS 4.0.1 :I want to know what is the right way to change the telnet program on the campus mgr map (topology services map), when right-clicking a device icon and selecting telnet.I would like to use a tool of mine, and not to launch a telnet command from the IE browser.I changed the default telnet of Windows in the registry, but the program is still launched as a telnet URL in the browser and this is not what I would like to do.
The regular problem with the LMS topology and WAN Links when you see the branches are disconnected from the HQ BUT in my case the branches are already connected via Layer2 links but unfortunately some intermediate layer2 modem/switch exist in some branches which prevent CDP discovery but you will find both HQ and branch router in the same subnet .
